Geekly Articles each Day
📜 ⬆️ ⬇️

Telegram MTPROTO Proxy - everything we know about him

image

Immediately after the events with Telegram locks in Iran and Russia, a new type of proxy began to appear in beta versions of the messenger, and to be precise, the new protocol is MTProto Proxy.

This protocol was created by the Telegram team to solve lock bypass problems, but is it really good?

Like now?


The main proxy type with which the telegram is now socks. He has a fatal flaw: Login and password when connecting to a proxy is transmitted in the clear , no, your telegrams cannot be “taken away” in this way, but you can look inside the proxy and understand that Ivan Ivanov uses the telegram.
')
In those countries that use DPI to analyze traffic, this is done. This device parses the tunnel and looks what is inside, if we see the forbidden traffic, we block it.

What does Durov offer?


MTProto Proxy - MTProto family protocol (Telegram works on it), solves several problems at once:

  1. To connect instead of the login + password, just enough password
  2. Traffic does not differ from the usual HTTPS / TLS (well, almost)
  3. Password is not transmitted to the server when connecting
  4. Traffic is encrypted
  5. It is possible to work through a proxy only by Telegram (other applications will not work)
  6. Promoted channels

As you can see, the set of features makes this type of proxy highly specialized - for Telegram, you will not be able to send normal traffic to it, and this is not strange - a huge plus.

Telegram only


Previously, the channels (and bots) made their proxies and distributed them to the world in order to preserve the audience in case of blocking. Their proxies fell into the global lists of proxies and through them they sent spam and other bad things. With a new type of proxy - you can not break the law, the maximum that will happen - the telegram will ban your IP address.

An example of a violation of the law in the case of socks: They tried to hack a bank / state agency through your proxy, your hoster will receive a formal complaint and, at best, just block you, at worst - well we will have that court.

Promoted feeds


image

Promoted channels are a channel to which you will automatically be subscribed when connected to a proxy, it will be assigned to the top of the contact / chat list and cannot be deleted until you disconnect from this proxy.

Roughly speaking, a telegram allows you to monetize a proxy, if earlier you could take a proxy from channel X (it works faster), but you don’t read it at all and go to read Y (and at the same time, channel X spends money to support the proxy into void), now you will pay for the use of the proxy for using the proxy.

Thus, you can expect explosive growth of such proxies, if earlier the creation of a proxy was more a wave of goodwill or charity, now - the more users on your proxy = the more subscribers at the channel -> advertising can be sold more expensive.

Traffic is encrypted


Having started Wireshark I went to look how the traffic looks when working through a proxy. And it looks like a normal TCP / SSL connection (without some packages / headers that belong to https) . In other words, traffic can be disguised as solutions such as Cisco Anyconnect and similar solutions that use TCP + SSL.

Inside the tunnel - "porridge" of encrypted traffic, traffic is encrypted, as you can guess, thereby the password / secret phrase that you enter when you connect. But not only she, of course, uses all the features of SSL / TLS here.

When will it be in production?


At the moment, MTProto Proxy is available in a stable version of Telegram for OS X, Telegram or Android, and in beta versions of Telegram Desktop, iOS Telegram X.

It looks like we are waiting for a release in the “production” of this proxy in Desktop clients and the usual iOS version (not X) right after that, we should see a new post from the team with a story about why it is good and how to live.

And test where?


In the open spaces of the chat, a semi-official proxy was found in the telegram, which works fine with the new protocol and (it seems) was launched by one of the developers, and here it is:

t.me/proxy?server=proxy.digitalresistance.dog&port=443&secret=d41d8cd98f00b204e9800998ecf8427e

But that's not all, enthusiasts on Github try to make their proxy servers using the source analysis method (there is no official yet), here is a (PHP) pair (C #) of projects (Rust) .

PS And in the most recent version of the library for VOIP calls that is used in the telegram, support for the conference mode is found, it looks like there will be two big announcements right away.

UPD: MTProto proxy - at the moment a part of the Telegram infrastructure and when telegram “runs” from locks - it multiplies and transfers copies of its MTProto Proxy between hosters, the processing servers themselves do not move anywhere. Thus, in a short time, Telegram will allow to deploy a part of its infrastructure in itself. (The protocol of “native” proxies may differ from what the telegrams are currently implementing in their clients under the name MTPROTO)

UPD: Similar post from Anna (Vee Security) about the types of proxies in the Telegram and about the MTProto Proxy (including the analysis of a specific type of encryption)

UPD: MTProto Proxy from the creators of TgVPN mtproto.tgproxy.cloud/mtproxy.html asked to test

UPD: The most stable version of the MTProto server (in my opinion) is on Rust, available on Github github.com/dotcypress/mtproxy

The easiest option to run "your" proxy:

sudo docker run --name 'mtproto_proxy' --restart unless-stopped -p 1984:1984 -dti dotcypress/mtproxy -s 'proxy secret'

proxy secret —

:

docker logs mtproto_proxy

Source: https://habr.com/ru/post/359348/

More articles:


All Articles